WHAT IS CLAIMED IS: 



1 . A method comprising the steps of: 

a) determining that a datagram arriving at an interface between a network 
and an edge resource is the initial datagram in a sequence of datagrams associated 
in a common session as to which a new connection is requested; 

b) providing a table of values indicating the probability that a new connection 
will be allowed for each of a plurality of pipes; 

c) determining the pipe membership of a determined initial datagram by 
testing Quality of Service bits in said datagram and selecting from the provided table 
a probability value corresponding to the determined pipe membership of the 
determined initial datagram; and 

d) determining from the selected probability value whether establishment of 
a new connection will be allowed for the associated session and selectively 
acknowledging the determined initial datagram and allowing a new connection for 
the associated session based upon the determination of whether a new connection 
will be allowed. 

2. The method according to Claim 1 , wherein the step of determining allowability 
of a session and selectively acknowledging an initial datagram further includes the 
steps of: 

e) providing a random number; 

f) performing a comparison of a current value of the random number with the 
new connection allowance probability value selected from the table of values; 

g) disregarding the initial datagram if the current state of the random number 
generator is greater than the new connection allowance probability value; and 

h) sending the initial datagram to an edge device or to an attached session 
handling device wherein an acknowledgment signal can be computed and 
transmitted if the current state of said random number generator is less than or 
equal to the new connection allowance probability value. 
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3. The method according to Claim 2, wherein the random number and the new 
connection allowance probability value are both fractions between 0 and 1.0, that 
is, in the interval of fractions in [0, 1]. 

4. The method according to Claim 1, wherein the step of determining pipe 
membership further includes the step of comparing administratively specified values 
with the value of selected fields in a packet header of the datagrams. 

5. The method according to Claim 4, wherein said selected fields of a packet 
header comprises the Differentiated Services Code Point (DSCP) field in a standard 
IP packet header. 

6. The method according to Claim 4, wherein said selected fields of a packet 
header comprise the components used for MPLS tunnel designation. 

7. The method according to Claim 1 , wherein the step of determining whether a 
datagram constitutes a request for a new connection of a certain value further 
includes the step of comparing administratively specified values with the value of 
selected fields in a packet header of the datagram. 

8. The method according to Claim 7, wherein the selected fields of a packet 
header comprise the Transmission Control Protocol (TCP) Synchronization (SYN) 
field in a standard TCP packet header. 

9. The method according Claim 1 wherein the table of values is indexed 
according to pipe numbers with each corresponding table entry representing the 
new connection allowance probability corresponding to the associated pipe. 

10. The method according to Claim 1 , further comprising the step of responding 
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to actual offered loads of simultaneous connections in each of said pipes relative 
to guaranteed connection numbers of those pipes by altering the values in the table. 



1 11. The method according to Claim 10, further comprising the step of generating 

2 a signal indicative of the existence or nonexistence of excess connection capacity 

3 within the interface that affects a pipe flowing through the interface and wherein the 

4 altering of the table values is further responsive to the generated signal. 

1 12. The method according to Claim 1 1 , wherein the step of generating a signal 

2 includes manipulation of multiple components each of which corresponds to excess 

3 connection capacity within an interface, and further wherein the pipes within the 

4 interface are grouped according to which shared resources within the interface are 
| 5 currently dedicated to the processing of the grouped pipes. 

si 

* 1 1 3. A method that controls the flow of datagrams including the steps of: 

| 2 a) providing, in an interface with CAT, a table identifying pipes and 

3 3 associated new connection allowance probability for each pipe in said table; 
3 4 b) determining the identity of each datagram received in said interface by 

f 5 examining bits within said datagram; 

[I 6 c) correlating datagram identity in step (b) with entries in the table; and 

3 

T 7 d) allowing or disallowing a request for a new connection represented in the 

8 initial datagram of a new session based upon the value of the new connection 

9 allowance probability only if the datagram identified in step (b) matches the identity 
10 of a pipe in the table. 

1 14. The method of Claim 13 wherein numerals are used to indicate the identity of 

2 pipes and the identity of datagrams. 

1 15. The method of Claim 14 further including the steps of providing a random 

2 number generator; and allowing or disallowing a request for a new connection 
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represented in the initial datagram of a new session based upon the value of the 
new connection allowance probability and a present value of the random number 
generator. 

16. A method of managing congestion in a communications network comprising 
the steps of: 

operatively monitoring, with a device for determining the existence of excess 
connection capacity, the existence of excess connection capacity within a 
communications device; 

generating a signal indicating existence or nonexistence of said excess 
connection capacity in said communications device; and 

using the generated signal to acknowledge or disregard requests for new 
connections in the form of initial packets of new sessions prior to initiating 
processing on the new connections. 

17. Apparatus comprising: 

a) a memory in which a table of pipe identifiers and associated values for 
new connection allowance probabilities of transmission are stored; 

b) a buffer which stores a portion of a frame determined to be an initial frame 
of a new session; 

c) a random number generator that periodically outputs random numbers; 

d) a controller operatively coupled to said memory, said buffer and said 
random number generator, said controller: 

parsing information stored in said buffer to determine a pipe 
membership number for the initial frame, 

determining from said table a new connection allowance probability 
value corresponding to the determined pipe membership number, 

comparing the probability value with a present value of the random 
number generator, and 

causing the initial frame to be acknowledged or disregarded based 
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upon the result of the comparison. 

18 . Apparatus according to Claim 17, further comprising an interface to an 
external controller separate from said apparatus, said interface being coupleable 
through the external controller to at least one other network device and altering the 
probability values stored in said memory to indicating new connection allowance 
probability values in response to algorithm constants and determined actual 
connection values in each identified pipe relative to guaranteed connection values 
for those pipes. 

1 9. Apparatus according to Claim 1 7, wherein said controller alters the probability 
values indicating new connection allowance probability in response to algorithm 
constants and actual current connection number data for each of said pipes relative 
to guaranteed data connection values for those pipes. 

20. Apparatus according to one of Claims 18 and 19, further comprising a 
management component which initializes the algorithm constants and guaranteed 
data connection values for pipes. 

21 . Apparatus according to Claim 1 9, wherein said controller responds to a signal 
from a packet forwarding device communicating with said apparatus indicating the 
existence of excess connection capacity within that forwarding device that affects 
a pipe flowing through said apparatus by altering the table of values stored in said 
memory. 

22. Apparatus according to Claim 18, wherein said interface passes to the 
external controller a signal from said apparatus indicating excess connection 
capacity within said apparatus that affects a pipe flowing through said apparatus. 

23. Apparatus according to one of Claims 21 or 22, wherein said signal includes 
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multiple components each of which corresponds to the existence of excess 
connection capacity within a different set of processing resources, said pipes 
flowing through said apparatus being grouped according to which shared resources 
they direct data to, and wherein the assignment of said values is performed 
separately for each group of pipes. 

24. Apparatus comprising: 

an interface between a network such as the Internet and an edge resource 
such as a server; and 

an excess connection capacity monitoring device operatively coupled to said 
interface, said excess connection capacity monitoring device monitoring connection 
numbers in said interface and in said edge resource and generating at least one 
signal indicating the existence of an excess connection capacity state in said 
interface and said edge device. 
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